Jan 24

How to configure an IPSec VPN tunnel between two D-Link DI-LB604?

D-Link Router 7 Comments »

Configuration of DI-LB604 (Local)

Note: This FAQ if for firmware version 1.01 or later. The current firmware version 1.01 does not support an IPSec VPN Server for roaming users.

Step 1: Open your web browser and type in the IP address of the D-Link DI-LB604 router (192.168.0.1 by default). Enter the username (admin by default) and password (no password by default), and then click OK.

Step 2: Select the Home tab and click on IPSec.

DI-LB604-IPSec-1

Step 3: Configure the IPSec VPN client as followed:
Tunnel Name: enter a name for the VPN
Tunnel State: check to enable
Connection Type: select Static
WAN Binding: select the WAN source
Local IP / Subnet: enter the local IP and subnet of the DI-LB604 (192.168.3.0/255.255.255.0 in this example)
Remote IP / Subnet: enter the remote IP and subnet of the remote device (192.168.0.0/255.255.255.0 in this example)
Remote Gateway: enter the remote gateway (172.68.140.140 in this example)
Key Method: AutoKey (IKE)
Preshared Key: enter the preshared key (This key must match with the IPSec Server.)
Local ID (Option): leave as NONE
Remote ID (Option): leave as NONE
Click Apply and click Continue.

DI-LB604-IPSec-2

Step 4: Click Continue Setup and configure the Proposals as followed:
Phase 1
Negotiation Type: Main Mode
DH Group: DH Group 2 (1024-bit)
Encryption Method: 3DES
Authentication Method: SHA1
SA Lifetime: 28800 (default)

Phase 2
Encapsulation Format: ESP
Encryption Method: 3DES
Authentication Method: SHA1
Perfect Forward Secrecy: DH Group 2 (1024-bit)
Key Lifetime: 3600 (default)

Advanced
NetBIOS Broadcast: enabled by default
NAT Traversal: check to enable
Auto Reconnected: check to enable
IKE Keep Alive (Ping): enter the default gateway of the IPSec Server
Click Apply and click Continue.

Configuration of DI-LB604 (Remote)

Step 1: Open your web browser and type in the IP address of the DI-LB604 router (192.168.0.1 by default). Enter the username (admin by default) and password (no password by default), and then click OK.

Step 2: Select the Home tab and click on IPSec.

Step 3: Configure the IPSec VPN client as followed:
Tunnel Name: enter a name for the VPN
Tunnel State: check to enable
Connection Type: select Static
WAN Binding: select the WAN source
Local IP / Subnet: enter the local IP and subnet of the DI-LB604 (192.168.0.0/255.255.255.0 in this example)
Remote IP / Subnet: enter the remote IP and subnet of the remote device (192.168.3.0/255.255.255.0 in this example)
Remote Gateway: enter the remote gateway (172.140.140.140 in this example)
Key Method: AutoKey (IKE)
Preshared Key: enter the preshared key (This key must match with the IPSec Server.)
Local ID (Option): leave as NONE
Remote ID (Option): leave as NONE
Click Apply and click Continue.

Step 4: Click Continue Setup and configure the Proposals as followed:
Phase 1
Negotiation Type: Main Mode
DH Group: DH Group 2 (1024-bit)
Encryption Method: 3DES
Authentication Method: SHA1
SA Lifetime: 28800 (default)

Phase 2
Encapsulation Format: ESP
Encryption Method: 3DES
Authentication Method: SHA1
Perfect Forward Secrecy: DH Group 2 (1024-bit)
Key Lifetime: 3600 (default)

Advanced
NetBIOS Broadcast: enabled by default
NAT Traversal: check to enable
Auto Reconnected: check to enable
IKE Keep Alive (Ping): enter the default gateway of the IPSec Server
Click Apply and click Continue.

DI-LB604-IPSec-4

Step 5: Click Tunnel test. The tunnel should now be connected. To verify, click on the Status tab and click on IPSec Stats.

DI-LB604-IPSec-6

Note: The unit that initiates the connection will have Initiator (Quick): established as the Negotiation Status.

Tags: , ,

Jan 23

How to enable Backup Mode on one of the WAN ports for the D-Link DI-LB604?

D-Link Router 1 Comment »

Step 1: Open a web browser and type the IP address of the D-Link DI-634M into the address bar (default is 192.168.0.1). Press Enter.

Step 2: The default username is admin (all lower case) and the default password is blank (nothing). Click on OK.

Step 3: Click on the Home tab at the top and then click on WAN on the left side.

DI-LB604-WAN3

Step 4: Select the WAN port you desire to be in backup mode. Set Connect Mode to Backup.

Step 5: Click on Apply to save your settings.

Note: Upon completion of the following steps, when the primary WAN connection fails your backup connection will enable itself. If the primary WAN port is connected, the backup port will remain disconnected. The backup WAN port will only be enabled if the Primary WAN port it is backing up is disconnected. Load balance will not work if a WAN port is set to backup mode.

Tags: ,

Jan 23

How to bind ports to one WAN port on D-Link DI-LB604 Balancing Router?

D-Link Router No Comments »

This FAQ will demonstrate how to set up port binding for secure http on D-Link DI-LB604 WAN port 1.

Step 1: Open a web browser and type the IP address of the DI-LB604 into the address bar (default is 192.168.0.1).

Step 2: The default username is admin (all lower case) and the default password is blank (nothing). Click on OK.

Step 3: Click on the Tools tab at the top, then click on Misc on the lefthand side.

Step 4: Click on the Set Protocol & Port Binding button at the bottom of the page.

DI-LB604-WAN1

Step 5: Create Rule as Followed:

Enable
Source IP: 0.0.0.0
Dest. IP: Subnet
IP Address: 0.0.0.0
Subnet Mask: 255.255.255.0
Protocol: Both
Port Range: 443-443
Wan: Wan 1

DI-LB604-WAN2

Step 6: Click Apply

Tags: , ,

Aug 14

How to configure Dynamic DNS Service with the D-Link DI-LB604?

D-Link Router 2 Comments »

Dynamic DNS (Domain Name Service) is a method of keeping a domain name linked to a changing (dynamic) IP address. With most Cable and DSL connections, you are assigned a dynamic IP address and that address is used only for the duration of that specific connection. To properly configure the DDNS feature follow the steps below:

Step 1: Open a web browser and type the IP address of the DI-LB604 into the address bar (default is 192.168.0.1).

Step 2: The default username is admin (all lower case) and the default password is blank (nothing). Click on OK.

Step 3: Click on the Tools tab at the top and then click on DDNS on the lefthand side.

dlink-ddns01

Step 4: For service, select your DDNS service provider from the drop-down and configure the following:

  • Server Name – The name of the DDNS server.
  • User Name – Enter the username for your DDNS account.
  • Password – The password for your DDNS account.
  • Verify Password – Re-enter the password to prevent any typing errors.
  • Domain Name – The complete hostname to be updated.

Additional Settings:

  • Enable Wildcard: If enabled, all subdomains of your domain name map to your current IP address. If disabled, no subdomains of your domain name have an IP address.
  • Enable Backup MX: If enabled, all subdomains of your domain name map to your current IP address. If disabled, no subdomains of your domain name have an IP address.
  • Mail Exchanger: Define mail exchanger for the domain name. If omitted, the mail exchanger will be set to the domain name.

WAN Port Binding: If bound on the WAN port, the domain name will be mapped to the IP address of the WAN port.

Step 5: Click on Apply to save your settings.

Tags: , ,

css.php